building a virtual training lab solution using docker and aws

Date:

Presenter:

Building a Learning Lab Solution Using Docker

6/8/2015

Aater Suleman

Docker Austin Meetup

Goal

To Provide Hands On Corporate Training to 600 students on

software EDA tools at a top 5 EDA ISV

Pre-cloud the classrooms looked like this

Technical Requirements

Secure environment

One workstation/student

Identical workstations

All workstations have training materials

Instructors have the ability to share new files during training

Challenges

600+ workstations with generous requirements:

24 GB memory

8 vCPUs

Prerequisite software (RHEL, ~100 packages)

Course material (3-5 GB)

Options

Training laptops

Purchase 600 laptops

Image the laptops using PXE boot

Store and maintain the laptops for next session (6 months)

Virtual machines

Distribute VM images (30+ GB files)

Upgrade employee Laptops that didn’t meet the spec

Solution (in a nutshell)

Virtual Workstations

Spin up 100s of instances in AWS

Students access the instances from their

regular Laptops

Solution Details

AWS architecture

Server details

Automation/Orchestration Access Dashboard

Admin Subnet

Instructor Subnet

Student subnet

NATAPILicenseservers

HQ

HTTPs trafficIP range: US-west-2https://ip-ranges.amazonaws.com/ip-ranges.json

Internet Gateway

Virtual Private Gateway

S3

Server

AWS m3.2xlarge instance and Graphics optmized instances

Amazon Linux and Windows

Boot scripts to:○Set License environment variables○Set file sharing daemons

Linux Setup

RHEL 6.5

NX 3.5 installed for remote desktop access

Automation

Create course○Provide course name for tagging

Create instructor workstation○Create a workstation for instructor to prepare the

image

Save instructor workstation ○Snapshot the instance that the instructor is working

on

Automation (cont’d)

Create class workstations ○Create workstations for the entire class given a list of

users

Start/Stop class workstations ○Start/stop workstations for the entire class

Start/Stop student workstation ○Start/stop workstation of just one user in the class

Access

NX and RDP access files generated for each container

Users access the environment by downloading and running the file on their laptops

No need to run VMs, buy larger laptops, or pollute laptop with throw-away software

Dashboard

Drupal-based Dashboard with Active Directory Integration

Role Class Instructor Student

AdminCreate classCreate/terminate class instances

Assign instructors

Instructor Start/stop class instances

Create instructor instanceSave instructor instance

Start/stop student instances

StudentStart/stop student instanceDownload NX/RDP file to access workstation

Tear Down

Terminate Class instances for all classes

Delete the Cloudformation Stacks

Revamp (6 months)

Create CloudFormation stack

Create IPSec tunnel

Restart Drupal server

Benefits

IT Guys

Saved the laptop upgrades

No effort invested in preparing machines

No maintenance in supporting variety of laptops

No requests from instructors and students to check setup

BenefitsInstructo

rs

Agility - could change the material till the last minute

Could improve it as many times as needed

Did not need to wait for IT to install software and test it

Did not have to rely on IT to create working images

Did not need support to start/stop workstations

Benefits

Allowed to work on labs from office or home

Homogeneous, pre-tested environments

Students

Work on regular laptops

Could start/stop instances as desired

Benefits

Significant cost savings

Autonomy

Automated workflow

Strong feedback on the solution from the

Customer's teams using it.

Training Department

FYI

Informally, the solution ran so smoothly that there were zero support cals in the entire 2 weeks period with 600 students working concurrently.

Challenge

FileSync from instructors to students

Student instances are in private subnet

All students try to download at nearly the same time

NAT becomes a choke point

Interim Solution:

Multiple NAT servers (m3.4xlarge to get 10G internet)

2016: Upgraded to S3 Endpoints in VPC

Thank You

Twitter: @Flux7Labs

Website: www.flux7.com

Icons Src: iconfinder.com